This website uses cookies. View our cookie policy
Select regional store:

Business Continuity Planning, Disaster Recovery & ISO 22301

Business continuity planning and disaster recovery are issues that every organization needs to take seriously.

In an age when there is an ever-increasing risk of cyber attack, cyber (and real) terrorism, and natural disasters, businesses must ensure they have processes in place to ensure they could survive an unexpected disruptive incident and continue trading. This page provides information and links to products that will help you create your own business continuity and disaster recovery plan.

On this page:

An introduction to Business Continuity & Disaster Recovery
ISO/IEC 22301:2012: the Business Continuity Standard
Business Continuity Planning
Disaster Recovery Planning

An introduction to Business Continuity & Disaster Recovery

It is the board's responsibility to ensure that it has a robust and fully tested business continuity and disaster recovery plan that covers all the risks that could potentially harm its business. A business continuity and disaster recovery plan will provide a clear set of guidelines and steps that will return operations to normal as quickly as possible after an incident. Essentially, this means that businesses will not have to make judgment calls or spur-of-the-moment decisions that could unintentionally harm the business.

Every organization should have a business continuity plan. IT Governance has a wide range of books on business continuity and disaster recovery. View all our titles here >>

ISO/IEC 22301:2012: the Business Continuity Standard

ISO22301 is the international standard that sets out the requirements for a Business Continuity Management System (BCMS). Launched in May 2012, ISO22301 replaces the British standard BS25999. Benefits of ISO22301 include the following:

  • The requirements in the standard can be applied in any type or size of organization and in any location.
  • By creating a BCMS aligned with ISO22301, organizations ensure they are best prepared for a disruptive incident. More importantly, it prepares them to continue trading and return to business as usual as quickly as possible.
  • An ISO22301 BMCS protects an organization’s turnover, profits, and reputation by ensuring preparedness.

To find out more about the standard, see our full range of ISO22301 resources, or to download a free green paper on ISO22301, visit our ISO22301 page >>

For those looking to create a Business Continuity Management System (BCMS) aligned with ISO22301, the ISO22301 BCMS Implementation Toolkit provides a set of pre-written policies, templates, plans, and guidance to implement ISO22301 quickly and cost-effectively.

Learn more about the ISO22301 BCMS Implementation Toolkit here >>

Business Continuity Planning

Business Continuity Planning (BCP) is the establishment of procedures and practices for the development, testing, and maintenance of a plan that will enable an organization to continue operating during and after a disaster.

Plans are typically designed to cope with incidents affecting all the organization's business-critical processes and activities, from failure of a single server or server room, all the way through to complete loss of a major facility.

The business continuity management life-cycle usually includes a series of steps:

  • Risk assessment
  • Business impact analysis (BIA)
  • Plan development
  • Documentation
  • Testing
  • Maintenance

View all our Business Continuity Planning Books >>

Disaster Recovery Planning

Disaster Recovery Planning (DCP) is usually a set of technical plans that will enable a business to recover operations that include specific operations, sites, applications, and services. DRP takes place within the BCP framework and a single BCP could contain several DRPs.

Organizations conducting DCP should invest in ISO/IEC 24762, the world's best practice standard for IT disaster recovery planning.

Visit our Business Continuity Management Web Store for all available products.